We are hearing reports from peer institutions, and beginning to see evidence on our campus, of an increase in very dangerous virus files being successfully delivered by email. These viruses are changing faster than most anti-virus definitions and can do serious damage. Another university is reporting seeing delivery of the “locky” virus which can make all files on your computer (and even on network shares), unreadable and unrecoverable.
You can read more about locky at: http://www.symantec.com/connect/blogs/locky-ransomware-aggressive-hunt-victims
In our email systems we saw several waves of similar email with subjects like “Voicemail service”, with text like:
just wanted to let you know you were just left a 0:41 long message (number 13026468892)
in mailbox 130264688921 from "13026468892" <7244962139>, on Fri, 01 Sep 2017 06:03:57 -0500
so you might want to check it when you get a chance. Thanks!
If you clicked on such an attachment, please reach out to your LSP. It seems to be Trojan malware that will create a "back door" in your computer that hackers can enter.
We are working to detect and block as many of these emails as we can, but please do not click on any attachment unless you know the sender. Please be especially careful of unexpected emails claiming to have an invoice, a file from a copier or scanner, or a zip file that might then contain other files.
Another recent attachment uses macros in Microsoft Office documents to infect systems so that it can steal banking credentials and then attempt to make fraudulent financial transactions.
If you receive an attachment that seems even a little suspicious, please reach out to your LSP before opening it.